WebApp Sec: Re: Secure Coding for Newbies?

From: Alex Russell <alex_at_netWindows.org>
Date: Mon, 28 Oct 2002 12:51:28 -0600

On Monday 28 October 2002 09:47, Michael R.Bagnall wrote:
> I really don't think that this list is the place to debate what is a
> "good" or a "bad" language for web applications.

Hmm... I disagree. The security posture you start with (i.e., the posture
that the tools you choose grandfather to you) makes a hell of a lot of
difference when it comes to producing a secure app. The less work that's
needed to make an app secure, the better since it means there are fewer
opportunities to screw up. Developers who want to write secure code need
to face the fact that at some point they are beholden to the averages, and
any tool that makes those averages better is a Good Thing (TM).

We can probably debate the feature-based merits of languages until we are
blue in the face, and I agree that wouldn't be a relevant discussion here.
However, discussion of language choice WRT how it impacts security is
most assuredly on-topic.

A good craftsman will never blame his tools, but a good craftsman is also
going to choose the tools that make his life better. Would you really trust
a plumber that showed up and asked to borrow whatever wrenches you had
laying around?

-- 
Alex Russell
alex_at_SecurePipe.com
alex_at_netWindows.org
Received on Oct 28 2002